<?php

session_start();

require_once("includes/connect.php");
require_once("includes/function.php");

$payfor_id = $_POST["h_key"];

$lvl1_name = $_POST["lvl1_name"];
$lvl2_name = $_POST["lvl2_name"];
$budget_year = $_POST["budget_year"];

$p_id = $_POST["p_id"];
$treasury_id = $_POST["treasury_id"];
$treasury_date = $_POST["treasury_date"];
$panngan2_name = $_POST["panngan2_name"];
$panngan3_name = $_POST["panngan3_name"];
$acc_id = $_POST["acc_id"];
$elass = $_POST["elass"];
$ex1_id = $_POST["ex1_id"];
$ex2_id = $_POST["ex2_id"];
$ex3_id = $_POST["ex3_id"];

$inpValues = $_POST["inpValues"];
$inpTax = $_POST["inpTax"];
$inpTotal = $_POST["inpTotal"];
$WithholdingTax = $_POST["WithholdingTax"];
$inpPenalty = $_POST["inpPenalty"];
$inpNet = $_POST["inpNet"];
$ppID = $_POST["ppID"];
$comment = $_POST["comment"];

$company_name = $_POST["company_name"];
$task = $_POST["task"];
$petition_id = $_POST["petition_id"];
$reason = $_POST["reason"];
$i_date = $_REQUEST["i_date"];

$branch_name = $_REQUEST["branch_name"];
$bank_name = $_REQUEST["bank_name"];
$cheque_no = $_REQUEST["cheque_no"];

$val = $_REQUEST["val"];

$id = $_REQUEST["id"];
$payment_method = $_REQUEST["payment_method"];

//echo $payfor_id, $ppID;
$db = new myDBS;

if ($task == "edit") {

    $sql = "UPDATE tbl_petition "
            . "SET inpValues = '$inpValues'"
            . ", inpTax = '$inpTax'"
            . ", inpTotal = '$inpTotal'"
            . ", WithholdingTax = '$WithholdingTax'"
            . ", inpPenalty ='$inpPenalty'"
            . ", inpNet = '$inpNet'"
            . ", comment = '$comment' "
            . " WHERE petition_id = '$petition_id'";

    //echo $sql;
    $db->runSQL($sql);
    echo $petition_id;
} else if ($task == "cancel") {

    $sql = "UPDATE tbl_petition "
            . " SET status = 'ยกเลิก' "
            . ", cancel_reason = '$cancel_reason' "
            . ", cancel_date = '$cancel_date' "
            . " WHERE  petition_id = '$id'";

    $db->runSQL($sql) or die(mysql_error());
} else if ($task == "verify") {
    $sql = "UPDATE tbl_petition "
            . "SET veri_status = 'ผ่าน'"
            . ", veri_date = NOW() "
            . "WHERE petition_id = '$petition_id'";
    //echo $sql;
    $db->runSQL($sql) or die(mysql_error());
} else if ($task == "approved") {
//    $sql = "UPDATE tbl_petition "
//            . "SET approved_status = 'อนุมัติ'"
//            . ", approved_date = NOW()  "
//            . "WHERE petition_id = '$petition_id'";
    $sql = "UPDATE tbl_petition "
            . "SET approved_status = 'อนุมัติ'"
            . ", approved_date = '$i_date'  "
            . ", payment_method = '$payment_method'  "
            . " WHERE  petition_id = '$id'";

    $db->runSQL($sql) or die(mysql_error());

    //$db->runSQL($sql);
} else if ($task == "disapproval") {
    $sql = "UPDATE tbl_petition "
            . "SET approved_status = 'ไม่อนุมัติ'"
            . ", approved_date = NOW() "
            . "WHERE petition_id = '$petition_id'";

    $db->runSQL($sql);
} else if ($task == "approvedCheque") {

    $sql = "UPDATE tbl_petition SET cheque_status = 'อนุมัติ', cheque_date = '$i_date' WHERE cheque_no = '$cheque_no'";
    //echo $sql;

    $db->runSQL($sql);
} else if ($task == "disapprovalCheque") {

    $sql = "UPDATE tbl_petition SET cheque_status = 'ไม่อนุมัติ' WHERE cheque_no = '$cheque_no'";
    //echo $sql;

    $db->runSQL($sql);
} else if ($task == "print") {
    //$val = explode(",", $val);

    $sql = "UPDATE tbl_petition SET cheque_no = '$cheque_no', branch_name = '$branch_name', bank_name = '$bank_name' WHERE company_name = '$company_name' and approved_status = 'Approved' and petition_id in($val)";
    //echo $sql;
    //echo $val;

    $db->runSQL($sql);
} else if ($task == "paid") {

    $sql = "UPDATE tbl_petition SET paid_status = 'Paid', paid_date = NOW() WHERE cheque_no = '$cheque_no'";
    //echo $sql;

    $db->runSQL($sql);
} else if ($task == "new") {
    $sql = "SELECT  MAX(running_id) as running_id FROM temp_running WHERE lvl1_id = '" . $_SESSION["lvl1_id"] . "' and budget_year = '$budget_year'";

    $result = $db->runSQL($sql);
    $rows = $db->fetch_object($result);

    if (is_null($rows->running_id)) {
        $running = 0;
        $sql = "INSERT INTO temp_running (running_id, lvl1_id, budget_year) VALUES('1', '" . $_SESSION["lvl1_id"] . "', '$budget_year')";
        $db->insData($sql);
    } else {
        $running = $rows->running_id;
        $sql = "UPDATE temp_running SET running_id = running_id + 1 WHERE lvl1_id = '" . $_SESSION["lvl1_id"] . "' and budget_year = '$budget_year'";
        $db->runSQL($sql);
    }
    $running = $running + 1;
    $running = $running . "-" . $budget_year;

    $sql = "INSERT INTO tbl_petition(ppID, lvl1_name, lvl2_name, budget_year, p_id, treasury_id, treasury_date, panngan2_name, panngan3_name, acc_id, elass, ex1_id, ex2_id, ex3_id, inpValues, inpTax, inpTotal, WithholdingTax, inpPenalty, inpNet, payfor_id, company_name, comment) VALUES('$ppID', '$lvl1_name', '$lvl2_name', '$budget_year', '$running', '$treasury_id', '$treasury_date', '$panngan2_name', '$panngan3_name', '$acc_id', '$elass', '$ex1_id', '$ex2_id', '$ex3_id', '$inpValues', '$inpTax', '$inpTotal', '$WithholdingTax', '$inpPenalty', '$inpNet', '$payfor_id', '$company_name', '$comment')";

    //echo $sql;
    //$db = new myDBS;
    $last_id = $db->insData($sql);

    //echo $sql;
    //$sql = "UPDATE pp_check_job SET status = 1 WHERE ppID = '$ppID'";
    //$db->runSQL($sql);
    echo $last_id;
}

//echo $sql;
/*
  $db = new myDBS;
  $last_id = $db->insData($sql);
  echo $last_id;

  $where = "xxx_id = '$payfor_id' and creditor_name IS NOT NULL";
  //echo $where;
  $result = $db->showData1("temp_creditor", $where);

  while ( $rows = $db->fetch_object ( $result )){
  $sql = "INSERT INTO tbl_payfor(payfor_id, creditor_name, amount) VALUES('$payfor_id', '". $rows->creditor_name ."', '" . $rows->amount ."')";
  //echo $sql;
  $db->insData($sql);
  }
 */
/*
  if (isset ($name)) {
  mysql_query("INSERT INTO tblProfile(name, email, tel, birthdate) VALUES ('$name', '$email', '$tel', '$datepicker')") or die(mysql_error($connect));
  echo "seccess";
  } else {
  //mysql_error($connect);
  echo "Error from filename:addProfile.php";
  }
 */
?>
